package org.webswing.server.util;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.webswing.server.base.UrlHandler;
import org.webswing.server.services.security.WebswingPrincipal;
import org.webswing.server.services.security.api.AbstractWebswingUser;
import org.webswing.server.services.security.api.WebswingAction;
import org.webswing.server.services.websocket.WebSocketConnection;

/* loaded from: input_file:WEB-INF/classes/org/webswing/server/util/SecurityUtil.class */
public class SecurityUtil {
    public static AbstractWebswingUser getUser(UrlHandler urlHandler) {
        return getUser(urlHandler.getSecuredPath());
    }

    public static AbstractWebswingUser getUser(String str) {
        return resolveUser(SecurityUtils.getSubject(), str);
    }

    public static AbstractWebswingUser getUser(WebSocketConnection webSocketConnection) {
        return resolveUser(SecurityUtils.getSubject(), webSocketConnection.getHandler().getSecuredPath());
    }

    private static AbstractWebswingUser resolveUser(Subject subject, String str) {
        PrincipalCollection principals;
        if (subject == null || str == null || (principals = subject.getPrincipals()) == null || !subject.isAuthenticated()) {
            return null;
        }
        AbstractWebswingUser abstractWebswingUser = null;
        for (WebswingPrincipal webswingPrincipal : principals.byType(WebswingPrincipal.class)) {
            if ("".equals(webswingPrincipal.getSecuredPath()) && webswingPrincipal.isPermitted(WebswingAction.master_admin_access.name())) {
                abstractWebswingUser = webswingPrincipal.getUser();
            }
            if (str.equals(webswingPrincipal.getSecuredPath())) {
                return webswingPrincipal.getUser();
            }
        }
        return abstractWebswingUser;
    }

    public static Object getFromSecuritySession(String str) {
        return SecurityUtils.getSubject().getSession().getAttribute(str);
    }

    public static void setToSecuritySession(String str, Object obj) {
        SecurityUtils.getSubject().getSession().setAttribute(str, obj);
    }
}
